DATA CENTERS

Cisco Backs Loggly; Watch Out VMware

Log analysis startup wins powerful new backer, just weeks after VMware announced new log analysis tools.

If log file management is a big data problem, Loggly wants to be the answer. So far, however, it's found the ranks of its competitors swelling. The most recent entrant was VMware, which entered the list July 11 with general availability of vCenter Log Insight.

In its latest round of financing, Loggly found a new backer: Cisco Systems. If VMware believes log file management is one of the keys to the virtualized network and data center, Cisco apparently does too. Loggly, a 23-employee company, recently raised $10.5 million, for a total of $20.9 million so far, from a group of backers that included Cisco and Data Collective Venture Capital, Loggly said Tuesday. Data Collective was an early backer of Couchbase and MemSQL.

Loggly CEO Charlie Oppenheimer said in an interview that his firm can't be posed as a direct competitor to vCenter Log Insight because VMware's product is oriented toward existing VMware enterprise customers. Loggly has been accumulating businesses that were born on the Web or are units of large companies doing business on the Web.

With a product that's been on the market only since mid-2010, Loggly has 3,500 customers.

Loggly is finding its initial round of success with "those companies that do the bulk of their business over the Internet," said Oppenheimer. Part of the reason for that is Loggly's log file management is available only as software-as-a-service. Companies with online systems as their primary business channel are the ones most comfortable with adopting SaaS, he said.

Loggly was founded in 2009 in San Francisco and wants to make server logs more accessible to the average systems administrator, operations manager or DevOps manager. Most log file management products require someone knowledgeable in the system to configure it, search for particular software events and draw up a report.

The second generation of the log analysis product, released Tuesday, will try to popularize a new term in IT operations, responsive log management (RLM), claimed Oppenheimer. Loggly doesn't require an agent or any other proprietary additions to a customer's operations. System admins can sign up and connect a server's log file system to the server through standard syslog protocols, including HTTP, RFC 5424 and RFC 3164.

Once the data from the server is flowing into the Loggly service, "it's a point-and-click process, using commands like those in Excel," said Oppenheimer. Users may look for "low-memory events" which indicate a system is bogging down and "see what correlates with them," he said.

Users may visualize in a chart the sum total of particular types of events, such as the number of times the database executes commits in a particular time frame. You may look for minimum or maximum usage of resources or look for events that have a response time that falls within a particular range.

"It's high-level assistance. You point and click to visualize the data and see the story that the data is trying to tell," he said. Unlike the first version of Loggly, generation 2 has a graphical Web interface that allows users to build their own reports, based on log-file data that has already been parsed and indexed. The first version gave customers a simple, command line interface with which to examine the data.

In a media release Tuesday, marketing director David Ewart wrote that the "stories" feature in version two means "that the service should not simply be a tool to inspect log data but rather should reveal the stories that the data tells. The stories are visual representations that provide insights in and of themselves as well as provide fine-pitch guidance as to where to focus further investigative effort."

In an interview, he clarified that Loggly provides views into log file data but doesn't attempt to apply machine learning or conclusions deduced from artificial intelligence that would advise system admins on what to do next.

The service runs on both Loggly's colocation servers in San Francisco and on Amazon Web Services. Loggly uses AWS for the part of the service that shows elastic demand, the data collection service. The analytics and data visualization parts are done on Loggly servers. Both operations can be done in either location as a safeguard against a service outage, Ewart said.

The service is priced at $49 per month for the Developer version of the service, to process 1 GB or less of log file data per day; data is retained for only seven days. A Production version is priced at $349 a month for processing up to 7 GBs a day; data is retained for 15 days. If a customer has 50 GBs of data a day, the service would cost $2,600 a month. There is a free Light version for less than 1 GB of data a day.

Oppenheimer is the former CEO of startups Aptivia, purchased by Yahoo in 2000 as the basis for Yahoo Shopping, and Digital Fountain, a supplier of wireless video infrastructure, purchased by Qualcomm in 2009.

The 3,500 customers number includes users of Loggly's free service, so not all of them are paying customers.How many are paying customers? Oppenheimer declines to divulge that number. His response, "a substantial" share of them, is non-specific. Substantial compared to what?

Social engineering, ransomware, and other sophisticated exploits are leading to new IT security compromises every day. Dark Reading's 2016 Strategic Security Survey polled 300 IT and security professionals to get information on breach incidents, the fallout they caused, and how recent events are shaping preparations for inevitable attacks in the coming year. Download this report to get a look at data from the survey and to find out what a breach might mean for your organization.